McAfee Policy Auditor

McAfee Policy Auditor

Reduce compliance cost by automating the IT audit process

Next Steps:

Overview

By mapping IT controls against predefined policy content, McAfee Policy Auditor helps you report consistently and accurately against key industry mandates and internal policies across your infrastructure or on specific targeted systems. Policy Auditor is an agent-based IT audit solution that leverages the Security Content Automation Protocol (SCAP) to automate the processes required for internal and external IT audits.

Streamlined deployment and management — The McAfee ePolicy Orchestrator (ePO) platform provides easy Policy Auditor deployment, and simplified reporting and compliance management.

Flexible policy formation — Within minutes, Policy Auditor allows for the creation of new policies designed by you, set by corporate governance, or from authoritative sites such as Federal Desktop Core Configuration (FDCC). Real-time audits and controls for setting the frequency of data capture deliver timely information for compliance.

Predefined templates and controls — Policy Auditor comes with predefined benchmark templates and the ability to ensure protection of the business by employing blackout windows that halt data capture during key business periods.

Features & Benefits

Streamline proof of compliance

Use prebuilt policy templates that eliminate manual effort and demonstrate adherence to key industry mandates and internal governance policies, including PCI DSS, SOX, GLBA, HIPAA, FISMA, and the best-practice frameworks ISO 27001 and COBIT. Policy Auditor includes a purpose-built PCI dashboard that delivers a consolidated view of the state of compliance by PCI requirement/control.

Receive unprecedented integration with McAfee ePO and Vulnerability Manager

Use McAfee ePolicy Orchestrator (ePO) software to lower cost of ownership by consolidating endpoint security management and compliance management, easing agent deployment, administration, and reporting. Integration with McAfee Vulnerability Manager enables organizations to consolidate agent and agentless audits.

Get the latest standards in compliance validation

Keep updated on compliance standards. Security Content Automation Protocol (SCAP) validation by the National Institute of Standards and Technology (NIST) enables agencies to comply with the Federal Desktop Core Configuration (FDCC) standard.

Customize and extend Policy Auditor IT controls checking

Create rules from any scripting language supported by the system being audited to extend the check capabilities of Policy Auditor. Sample languages include VBScript, batch files, Perl, and Python.

Prevent disruption to critical business applications with blackout window

Set the frequency of data capture to support automated reports with accurate data. To prevent disruption to critical business applications, a blackout window lets IT operations block audit data capture during key business periods.

Get Fast, automated import of industry benchmarks

Download benchmarks from authoritative sites. Within minutes, view detailed security guidance to confirm regulatory compliance or design your own internal governance policies based on security community best practices.

System Requirements

Operating Systems

  • Microsoft Windows 7
  • Microsoft Windows Vista
  • Microsoft Windows XP Pro
  • Microsoft Windows 2000 (Advanced/Professional), 2003 (Enterprise/Standard), 2008
  • Microsoft Windows XP, 2003, 2008 R1
  • Red Hat Enterprise Linux 3.0
  • Red Hat Enterprise Linux (AS, ES, WS) 4.0, 5.0, 5.1
  • MAC OS X 10.4, 10.5
  • HP-UX (RISC) 11iv1, 11iv2
  • AIX (Power5, Power6) 5.3 TL8 SP5, 6.1 TL2 SP0

Demos / Tutorials

Demos

Use a single solution and achieve continuous compliance with McAfee Configuration Control.

Learn how McAfee Risk and Compliance products scan your entire network, providing complete visibility and ensuring proper protection.

Tutorials

Customer Stories

Intelsat

Intelsat trusts McAfee to protect user and network devices globally.

Highlights
  • Protected a diverse environment from internal and external threats, including the inherent risks of a fluctuating population of 250 to 500 contractors
  • Managed the entire server system with 1.5 full-time employees (FTEs)
  • Reduced solution cost by 75% over a la carte purchases from separate vendors
  • Standardized a security environment that previously required five vendors
  • Complied with regulations, including SOX, HIPAA, and Department of Defense (DoD)

James Tower

McAfee keeps James Tower secure and compliant with industry regulations.

Highlights
  • Reduced time required to push out the most current security and virus patches to minutes, rather than hours or days
  • Used to apply patches, updates, settings, and other security measures consistently across all systems
  • Dramatically reduced audit time as well as time to build and maintain servers
  • Provided fast, accurate profiling of all systems
  • Facilitated decision making through a centralized, consolidated dashboard and robust reporting

Scottrade

Scottrade partners with McAfee to secure customer data.

Highlights
  • Eliminated network vulnerabilities and protected customer information
  • Improved monitoring and control of workstations and servers via a single management console
  • Streamlined and accelerated security management and vulnerability assessment
  • Simplified deployment, patches, and upgrades
  • Helped Scottrade garner multiple awards for customer satisfaction and IT excellence

News / Events

News

Events

No results found

Resources

Data Sheets

McAfee Policy Auditor Software

For a technical summary on the McAfee product listed above, please view the product data sheet.

Solution Briefs

White Papers

Community

Forums

No results found

Blogs

  • Cultural Security: Promoting Security Policies Using Organizational Culture
    Steven Fox - September 06, 2011
    Most of us refer to security policies in much the same way as we refer to our car manuals – when something unexpected happens.  We know these documents have useful information.  However, their utility is tied to situations where answers do not present themselves readily. According to Chris Noel, SVP of Product Management at ANXeBusiness, Read more...
  • Building an Arsenal of Best-in-Breed Database Security Solutions
    Eric Schou - August 19, 2011
    Visit any news site on the Web, and undoubtedly you’ll come across a barrage of articles publicizing the details of yet another data breach. With the prominence of SQL injection attacks, and malicious insiders and hackers exploiting sensitive data stored on unpatched and vulnerable databases, enterprise organizations have found themselves reevaluating their security strategies. Following Read more...
  • Hackers vs. Hackers: The New Frontier Of Embedded Devices
    Stuart McClure - June 27, 2011
    If we look at the evolution of hacking, certain techniques never go out of style, but we’re at the beginning of a big shift in terms of the targets.  The threat landscape has evolved beyond PCs, tablets, and smartphones to a whole new battleground: connected devices all around us. According to Ericsson, there will be Read more...
  • The Consumer Experience, The Data Center And 99.9% Uptime
    Evelyn de Souza - May 23, 2011
    While 99.9% network and server uptime has long been an established standard in data centers, the consumer experience so often fails to live up to that, and I as I was reminded of again this weekend.    Unplanned network or server changes or vulnerabilities are often the cause of website outages.  And, as the website Read more...
  • My Recent Travels to Italy and Spain
    Gert Jan Schenk - May 19, 2011
    Recently I have been meeting with customers and resellers throughout Italy and Spain and it was interesting to hear that their needs from a security partner are very similar to those from the other countries I have recently visited.  I have started to see strong interest in the McAfee DLP, Database Protection and Encryption technologies Read more...